Study Bitcoin 🤗
|
|
Port probe to tcp/443 (https)
[srv124]
|
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 70.39.75.164 (keok1.agenciasego.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 20:15:18.943200 2024] [security2:error] [pid 2520:tid 2520] [client 70.39.75.164:38284] [client 70.39.75.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.40"] [uri "/.env"] [unique_id "ZzVPJvyZqotI8J11sN8H9AAAAA0"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
crispi
|
|
Unauthorized connection attempt detected from IP address 70.39.75.164 to TCP port 443
|
Port Scan
|
|
el-brujo
|
|
14/Nov/2024:01:45:50.904771 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 70.39.75.164] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "91.126.30.243"] [uri "/.env"] [unique_id "ZzVIPvRMyQRx5dAXQGXgRAAABk8"]
|
Hacking
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 70.39.75.164 (keok1.agenciasego.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 19:32:56.455147 2024] [security2:error] [pid 28465:tid 28465] [client 70.39.75.164:58100] [client 70.39.75.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.138"] [uri "/.env"] [unique_id "ZzVFOKdrMysGxNH-_-cHzgAAAAU"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
diego
|
|
Events: TCP SYN Discovery or Flooding, Seen 13 times in the last 10800 seconds
|
DDoS Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 70.39.75.164 (keok1.agenciasego.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 19:13:47.183457 2024] [security2:error] [pid 6212:tid 6212] [client 70.39.75.164:41728] [client 70.39.75.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.239"] [uri "/.env"] [unique_id "ZzVAu1n8-n3i11O6-kb9cwAAAAU"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 70.39.75.164 (keok1.agenciasego.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 18:57:05.254669 2024] [security2:error] [pid 31408:tid 31408] [client 70.39.75.164:60360] [client 70.39.75.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.12"] [uri "/.env"] [unique_id "ZzU80WpTyy2UE1Tlv-sxFAAAAAA"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Unauthorized connection attempt
|
Port Scan
Hacking
Exploited Host
|
|
RAP
|
|
Probing web services for vulnerabilities
|
Port Scan
|
|
smopdidi
|
|
Ports: 443; 4 attempts
|
Port Scan
|
|
moebius
|
|
GET /.env HTTP/1.1" 400 248 "-" "Mozilla/5.0 Keydrop" "-"
|
Web App Attack
|
|
afleventoffice.com.au
|
|
GET /.env HTTP/1.1
|
Web App Attack
|
|